OSPF Authentication (MD5)
RIPv2, EIGRP, OSPF, IS-IS, and BGP can all be configured to encrypt and authenticate their routing information. This practice ensures that routers will only accept routing information from other routers that have been configured with the same password or authentication information.
How to Configure OSPF Authentication MD5
To enable OSPF MD5 authentication, you need to define the encryption key, which in essence is just a password on an interface. You must also permit authentication for the entire area. We use the network topology below for example:
Use the follwing command for OSPF routing Athentication.
HQ#configure terminal
HQ(config)#interface Serial0
HQ(config-if)#ip ospf message-digest-key 1 md5 cisco
HQ(config-if)#exit
HQ(config)#router ospf 1
HQ(config-router)#area 0 authentication message-digest
HQ(config-router)#end
HQ#
Also, you must permit OSPF authentication on other routers in the area, making sure that the authentication keys match on all interfaces that share the same network segment.
If you use authentication in an OSPF area, you must configure all of the routers in the area to support authentication. Every interface on a router doesn't have to be configured with authentication. But if you require authentication in any part of an area, you must include authentication support throughout the area. The above example shows, the authentication of Area 0 with the following command:
HQ(config-router)#area 0 authentication message-digest
Use the show ip ospf interface command to view the configured authentication on this interface.
